Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/566ef5-d13d-474c-a299-298fbe7dc168/1/5qUvekTWUz1S_FpeM2NZS67ck3M.roa
File: 5qUvekTWUz1S_FpeM2NZS67ck3M.roa (raw, json)
Hash identifier: Ds6B6jSVUXQz1ysU6aXSYe/Qz8BnngsQCcW1L3O8G5E=
Subject key identifier: E6:A5:2F:7A:44:D6:53:3D:52:FC:5A:5E:33:63:59:4B:AE:DC:93:73
Certificate issuer: /CN=572ba64b3a9060b464337ad30a02bec4b11a551f
Certificate serial: 019420D5C6DA6F861E100E951FB4521C7649
Authority key identifier: 57:2B:A6:4B:3A:90:60:B4:64:33:7A:D3:0A:02:BE:C4:B1:1A:55:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VyumSzqQYLRkM3rTCgK-xLEaVR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/566ef5-d13d-474c-a299-298fbe7dc168/1/5qUvekTWUz1S_FpeM2NZS67ck3M.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 194.9.4.0/24 maxlen: 24
194.9.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 16:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c6:da:6f:86:1e:10:0e:95:1f:b4:52:1c:76:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=572ba64b3a9060b464337ad30a02bec4b11a551f
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6a52f7a44d6533d52fc5a5e3363594baedc9373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8f:14:15:99:36:2e:62:5b:14:8d:fd:1f:e6:
2c:93:10:73:be:80:a0:b6:e2:00:e5:e9:35:45:91:
81:4c:83:b0:25:fa:fc:70:87:81:e4:5a:14:19:ef:
35:e1:a8:0a:68:06:88:8c:60:68:cf:28:70:81:fb:
82:b5:79:58:7c:ce:98:24:ae:a8:ad:e1:29:23:5d:
15:4f:44:e0:a2:fe:57:b9:33:44:ef:75:50:b5:6d:
35:8f:1b:13:30:fd:7d:88:5e:35:54:40:bc:af:40:
b6:bd:aa:4e:79:63:80:be:96:2e:ff:97:42:bc:77:
f5:c9:90:ae:fb:fd:9d:98:3d:32:63:2e:fa:c8:d8:
6d:e2:70:5e:38:5c:99:15:af:f0:4c:2a:89:07:e9:
d3:97:a0:69:8d:17:a6:ca:a0:bd:f0:1f:30:5c:41:
88:d9:b1:dc:fd:5e:d9:5c:40:4d:24:06:91:c6:74:
22:99:c7:3d:bf:e9:98:d9:db:6e:e9:bd:c4:b1:8a:
0f:52:98:6b:5b:fa:59:8b:4f:6f:d1:c4:17:59:69:
cb:a2:f3:97:4a:1d:1e:77:5b:90:e9:33:7c:ab:8c:
da:09:11:b3:16:6c:11:da:6b:91:e2:e0:f5:50:0f:
dc:5d:4e:ee:40:09:08:0b:a7:cb:74:40:57:4d:56:
4d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A5:2F:7A:44:D6:53:3D:52:FC:5A:5E:33:63:59:4B:AE:DC:93:73
X509v3 Authority Key Identifier:
keyid:57:2B:A6:4B:3A:90:60:B4:64:33:7A:D3:0A:02:BE:C4:B1:1A:55:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VyumSzqQYLRkM3rTCgK-xLEaVR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/566ef5-d13d-474c-a299-298fbe7dc168/1/5qUvekTWUz1S_FpeM2NZS67ck3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/566ef5-d13d-474c-a299-298fbe7dc168/1/VyumSzqQYLRkM3rTCgK-xLEaVR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.4.0/23
Signature Algorithm: sha256WithRSAEncryption
26:e4:b3:ea:e8:d7:e9:66:4c:a1:f5:4b:fd:a5:3b:ca:e3:f1:
e6:e2:ed:20:da:ee:a1:50:1e:4e:e6:3b:02:09:bc:ae:b8:cc:
49:d8:5d:cf:81:c3:0e:1d:30:5d:3e:21:53:64:77:4d:4c:e8:
04:76:a7:04:c0:6d:1a:90:bd:64:bc:53:07:f4:bf:81:91:4b:
1c:4b:d9:9f:a1:6a:62:89:30:73:6b:46:d6:f1:bf:7a:c1:f1:
06:d6:cc:98:9b:04:21:d8:78:b5:f1:56:ee:d8:d1:36:ba:bf:
ef:12:ba:a8:42:1a:40:cb:75:97:45:7d:73:8e:d0:20:e2:99:
ad:bc:14:f7:35:66:b8:31:0e:44:28:74:c1:65:f4:f0:d3:32:
1d:78:86:7b:6b:c3:55:fc:e0:0d:c1:09:c7:fa:e6:53:a5:7c:
e0:7b:16:94:21:c2:5f:fa:c5:52:e3:70:99:45:a1:6b:68:b9:
f3:bc:1c:be:9a:16:6d:ae:43:33:8a:14:95:a1:d6:03:6b:64:
b0:50:3c:45:7f:01:db:5d:3c:97:38:ae:da:97:d6:fb:7f:f7:
20:ba:af:05:30:fc:39:7c:11:ef:06:5f:35:db:8d:be:68:85:
14:d0:9f:83:ed:90:8a:c3:b7:e9:25:fb:75:a6:bc:04:84:b1:
74:2b:2f:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1cbab4YeEA6VH7RSHHZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MmJhNjRiM2E5MDYwYjQ2NDMzN2FkMzBhMDJiZWM0YjEx
YTU1MWYwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmE1MmY3YTQ0ZDY1MzNkNTJmYzVhNWUzMzYzNTk0YmFlZGM5MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI8UFZk2LmJbFI39H+YskxBzvoCg
tuIA5ek1RZGBTIOwJfr8cIeB5FoUGe814agKaAaIjGBozyhwgfuCtXlYfM6YJK6o
reEpI10VT0Tgov5XuTNE73VQtW01jxsTMP19iF41VEC8r0C2vapOeWOAvpYu/5dC
vHf1yZCu+/2dmD0yYy76yNht4nBeOFyZFa/wTCqJB+nTl6BpjRemyqC98B8wXEGI
2bHc/V7ZXEBNJAaRxnQimcc9v+mY2dtu6b3EsYoPUphrW/pZi09v0cQXWWnLovOX
Sh0ed1uQ6TN8q4zaCRGzFmwR2muR4uD1UA/cXU7uQAkIC6fLdEBXTVZN4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOalL3pE1lM9UvxaXjNjWUuu3JNzMB8GA1UdIwQY
MBaAFFcrpks6kGC0ZDN60woCvsSxGlUfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnl1bVN6cVFZTFJrTTNyVENnSy14TEVhVlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81NjZlZjUtZDEzZC00NzRjLWEyOTkt
Mjk4ZmJlN2RjMTY4LzEvNXFVdmVrVFdVejFTX0ZwZU0yTlpTNjdjazNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81NjZlZjUtZDEzZC00NzRjLWEyOTktMjk4ZmJlN2RjMTY4
LzEvVnl1bVN6cVFZTFJrTTNyVENnSy14TEVhVlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgkEMA0G
CSqGSIb3DQEBCwUAA4IBAQAm5LPq6NfpZkyh9Uv9pTvK4/Hm4u0g2u6hUB5O5jsC
CbyuuMxJ2F3PgcMOHTBdPiFTZHdNTOgEdqcEwG0akL1kvFMH9L+BkUscS9mfoWpi
iTBza0bW8b96wfEG1syYmwQh2Hi18Vbu2NE2ur/vErqoQhpAy3WXRX1zjtAg4pmt
vBT3NWa4MQ5EKHTBZfTw0zIdeIZ7a8NV/OANwQnH+uZTpXzgexaUIcJf+sVS43CZ
RaFraLnzvBy+mhZtrkMzihSVodYDa2SwUDxFfwHbXTyXOK7al9b7f/cguq8FMPw5
fBHvBl81242+aIUU0J+D7ZCKw7fpJft1prwEhLF0Ky9P
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:15:18 2025 by rpki-client